package jmine.tec.web.wicket.security;

import javax.security.auth.Subject;
import javax.servlet.http.HttpServletRequest;

import bancosys.tec.security.impl.web.WebSecurityManager;
import bancosys.tec.security.impl.web.filter.SecurityServletFilter;
import bancosys.tec.security.web.ChineseWallSetupException;

/**
 * A maioria dos metodos dessa classe espera que outros componentes cuidem de autenticacao. Este filtro apenas acerta o subject no
 * securityService e faz o setup do chinese wall
 * 
 * @author takeshi
 */
public abstract class WicketSecurityServletFilter extends SecurityServletFilter {

    private WebSecurityManager securityManager;

    /**
     * {@inheritDoc}
     */
    @Override
    protected WebSecurityManager getSecurityManager() {
        return this.securityManager;
    }

    /**
     * @param securityManager the securityManager to set
     */
    public void setSecurityManager(WebSecurityManager securityManager) {
        this.securityManager = securityManager;
    }

    /**
     * {@inheritDoc}
     */
    @Override
    protected boolean validateSubject(Subject subject) {
        return subject != null;
    }

    /**
     * {@inheritDoc}
     */
    @Override
    protected boolean accessGranted(Subject subject, HttpServletRequest request) {
        return true;
    }

    /**
     * {@inheritDoc}
     */
    @Override
    protected void setupChineseWall(Subject subject, HttpServletRequest request) throws ChineseWallSetupException {
        if (subject != null) {
            super.setupChineseWall(subject, request);
        }
    }

}
